SUSE: 2022:3135-1 suse/389-ds Security Update
Summary
Advisory ID: SUSE-RU-2022:4212-1 Released: Thu Nov 24 15:53:48 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:4214-1 Released: Thu Nov 24 16:17:31 2022 Summary: Security update for libdb-4_8 Type: security Severity: low
References
References : 1174414 1190651 CVE-2019-2708
1190651
This update for openssl-1_1 fixes the following issues:
- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)
- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)
- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)
1174414,CVE-2019-2708
This update for libdb-4_8 fixes the following issues:
- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).
The following package changes have been done:
- libopenssl1_1-1.1.1l-150400.7.16.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.16.1 updated
- openssl-1_1-1.1.1l-150400.7.16.1 updated
- libdb-4_8-4.8.30-150000.7.6.1 updated
- db48-utils-4.8.30-150000.7.6.1 updated
- container:sles15-image-15.0.0-27.14.20 updated